Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Lazarus Group has deployed RemotePE, a fully memory-resident trojan that is extremely hard for traditional antivirus and forensic tools to detect.

After Kyle Busch pulled out of the Coca-Cola 600 hours before his death, winner Daniel Suarez—Busch's mentee—dedicated his ...

Cleveland's poor play has the Cavaliers two losses from being eliminated by the New York Knicks in the Eastern Conference ...

The security platform Socket has recently discovered an enormous worldwide malware operation that has been dubbed "TrapDoor".

After beating Catholic Memorial on April 25, Tyler Beverage started doing backflips following Wachusett wins. The new ...

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

A coordinated malware campaign known as TrapDoor has hit software ecosystems widely used by crypto and blockchain developers.